Application Risk Management

Dec 13, 2012
admin

Brinqa Application Risk enables the centralization and standardization of the underlying services that are common across individual application and infrastructure risk management projects. The consolidation establishes an enterprise view of risk to allow executive management to make informed decisions related to resource management and funding allocations, reducing time and cost.

Key Metrics Commonly Tracked

  • Application Software Security Metrics
  • Continuous Vulnerability Metrics
  • Issues and Remediation Metrics
  • Platform Compliance Scores
  • Baseline Defense Metrics
  • Security Roles and Responsibility Metrics

Key Features

  • Risk modeling supports complex, quantifiable risk calculations for business processes,assets, users, controls, and data/ information risk
  • Mapping of risk scores to business policies and regulations
  • Risk libraries for applications and infrastructure
  • Business friendly interface for definition of key risk metrics (e.g., key risk indicators)and thresholds for metrics
  • Support for unique scoring models per asset; scoring model accounts for relationships to other assets
  • Risk engine supports statistical calculations for improved quantitative risk scoring
  • “What if” analysis for risk forecasting, reduction in risk exposure, and risk mitigation plans
  • Out of the box risk assessment questionnaires with advanced question editor for customization
  • Pre-configured risk assessment processes resolve common issues through recommended remediation plans
  • Workflow based risk assessment processes automate data collectioleveraging the Brinqa connector framework
  • Comprehensive issue libraries facilitates automatic issue discovery; issues created as a result of an assessment, loss event, near-miss, scenario analysis, or control test failure
  • Closed loop remediation of issues with full auditing
  • Configurable workflows manage the complete life-cycle of remediation plans
  • Integration with common third-party issue management systems
  • Comprehensive risk dashboards and reporting provide CIO level views of a Company’s overall risk posture with drill down into detailed views
  • Complete historical record of all issues and loss event data

Key Benefits

  • Effective risk management through tools that enable top-down and bottom-up approaches to identify, measure and track risks
  • Holistic view of application risk
  • Enforced accountability for residual risks assigned to the appropriate owners (e.g., line of business)
  • Reduced costs through pro-active risk management which increases risk protection levels with fewer resources
  • Measured trends deliver real data to support return on investment

Related resources